Culture of Security

The Heart of Everything at Flamingo AI

The protection of our client’s data, their customer’s data, the privacy of data and information security are Flamingo AI’s top priorities. In addition to a focus on Customer Experience and Machine Learning, a Culture of Security is at the heart of what we do. These topics are the most important and first conversations that we have with all of our clients.

SecurityMetrics Credit Card SafeFlamingo AI prides itself on having a Culture of Security. This culture rests on three fundamental tenets – our people, our security processes and our technology.

People: The Flamingo team is comprised of world class executives, data scientists, software engineers, client engagement managers and operations staff – all of whom are provided with extensive security training, so that they are familiar with and actively adhere to Flamingo’s security policies and procedures.

Processes: Formal policies, processes and procedures are in place to ensure Security of all data that the Flamingo AI business handles. These are monitored, reviewed, audited and updated on a regular basis.

Technology: Our technological infrastructure has been designed and built to be secure, auditable, and compliant with various laws and regulations. The underlying infrastructure is continuously scanned and monitored, and is equipped with Intrusion Detection and Prevention capabilities. Flamingo partners with third party security experts to conduct penetration tests at least twice per year. The Flamingo platform has been designed so as not to store certain sensitive information, and is also completely auditable by ourselves, as well as by our clients.

SOC2 Certification

Flamingo AI is SOC2 Certified with a Type 1 Report. The attainment of this certification demonstrates that Flamingo has comprehensive policies and procedures, as well as a securely designed and built technological infrastructure to support the following Trust Services Principles Criteria:

  • Security: Flamingo’s systems are protected against unauthorized access (both physical and logical).
  • Availability: Flamingo’s systems are available for operation and use as committed or agreed.
  • Processing Integrity: System processing is complete, accurate, timely, and authorized.
  • Confidentiality: Information designed as confidential is protected as committed or agreed.

If you are interested in reviewing the SOC2 Type 1 Report, please email hello@flamingo.io. Flamingo anticipates the attainment of SOC2 Type 2 Certification in late 2018 or early 2019.

PCI Compliance

Flamingo is also fully compliant with the Payment Card Industry Data Security Standards (PCI DSS). Achieving PCI DSS compliance certifies both that the company has sufficient processes and procedures, as well as a secure underlying technical infrastructure, to support the processing of credit card transactions.